Proof Point - Capitalizing on Security
May/Jun 2003 by Liz Tanner
TransUnion is a leading global information solutions company with 3,000 associates supporting clients in more than 24 countries. Based in Chicago, Illinois, TransUnion offers a broad range of financial products and services that enable customers to manage risk and capitalize on market opportunities. The company uses leading-edge technology coupled with extensive analytical capabilities to combat fraud and facilitate credit transactions between businesses and consumers across multiple markets.
TransUnion processes millions of credit and score reports every day with a core database containing 20 terabytes of data housed on mainframe and UNIX computers. With this huge volume of highly confidential information, security is a top concern. The company had created its own security infrastructure to support TransUnionDesktop, its business-to-business (B2B) transactional Web site, but the system wasn't scalable enough to support its rapid growth. Site performance began degrading after 40,000 users. TransUnion needed to replace its homegrown infrastructure with a scalable, directory-integrated Internet security solution.
With disparate systems throughout its enterprise, some TransUnion employees had to remember up to 12 passwords access the applications needed to do their jobs. A secure identity management solution would unify identity information across different systems, improving both productivity and security. TransUnion also wanted to extend secure intranet access to employees working in its 60 field offices or from home.
To improve service for its global customers, partners and employees, TransUnion wanted to offer secure access to personalized Web pages with a single log in. Customized content would give users faster and more efficient access to a full breadth of products, information and resources.
To build its secure identity management solution, TransUnion evaluated several alternatives including Sun ONE, IBM SecureWay, and Microsoft Active Directory. The company ultimately selected a Novell Security and Identity Solution including Novell eDirectory, Novell DirXML, Novell iChain, and Novell BorderManager to create a scalable, directory-integrated solution across its entire enterprise.
"We knew that a single, centralized directory would be critical for Internet security and we'd already had great experience with Novell eDirectory for network authentication," said Doug Lionberger, senior director of Communications and Security Services at TransUnion. "Rave reviews from industry analysts, as well as strong customer references, helped us make an informed decision that Novell is the strategic, dominant player in directory services."
Novell eDirectory provides a central hub for user identity information and security policies across TransUnion's mixed environment of Microsoft Windows NT, NetWare and UNIX. Novell DirXML synchronizes user information across disparate applications to provide a single view of user identities and access rights. Novell iChain and Novell BorderManager provide secure access for both Internet and intranet applications, giving TransUnion customers, partners and employees identity-based access to information.
In six months, Novell consulting helped TransUnion design and implement its new directory-integrated security infrastructure. With the Novell Security and Identity Solution in place, the company seamlessly transitioned from its old system in a matter of minutes.
"We completely redesigned and replaced the core security infrastructure of our business with absolutely no downtime," said Lionberger. "Novell consultants were with us from start to finish, providing exceptional methodology and product expertise. The team was extremely professional and met every deadline and financial objective."
Scalability supports rapid growth
With the help of a scalable, identity-based security infrastructure, TransUnion increased its eCommerce customers from 38,000 to 150,000 in less than a year—without investing in additional infrastructure or IT staff. The company now processes more than 200,000 transactions per week. Customers have a single ID and password to access a personalized view of resources, which increases their efficiency in accessing credit-based information.
TransUnion is able to reduce the overhead on its existing Web servers by 10-15 percent by offloading SSL processing to iChain, which allows the servers to support many more users. The iChain architecture also simplifies the deployment and management of secure Web-based applications, allowing TransUnion to quickly add new applications to its B2B site without the need for additional IT resources.
"We simply couldn't have grown our business this fast without the scalability and flexibility of the Novell Security and Identity Solution," said Lionberger. "With the unmatched scalability of Novell eDirectory and the security of Novell iChain, we can keep pace with rapid growth without having to invest in new infrastructure or resources."
Identity management simplifies user administration
The combination of eDirectory, DirXML, iChain and BorderManager secures and simplifies the management of TransUnion's identity information, so that users have access only to the data they are authorized to use.
"Our business requires that we provide only the right people with secure access to enormous volumes of highly sensitive, regulated information," said Lionberger. "Secure identity management is a huge deal for us."
TransUnion can now extend secure intranet access to employees working outside its corporate headquarters in 60 offices or from home. Employees can view customized information, based on their roles and responsibilities within the company. TransUnion also has the flexibility to offer more methods of user authentication, including digital certificates, biometrics, smartcards and tokens.
Through secure virtual private network (VPN) connections, the IT staff can access systems and perform much of its afterhours support from home, eliminating long hours and weekends in the office. Employees can also work productively at remote locations with secure access to the applications available on the corporate intranet. The VPN component of Novell BorderManager not only provides TransUnion's remote users with access to network resources, but also strong encryption technology to protect remote users' VPN access.
In the future, TransUnion plans to simplify its user administration even further by using DirXML to synchronize its PeopleSoft HR system with eDirectory. Novell eGuide will then power a corporate "white pages" to provide up-to-date employee contact information and dynamic organizational charts.
With systems linked to DirXML, TransUnion administrators will need to change user information only once to propagate changes to all relevant databases and directories system-wide. This automatic synchronization will dramatically reduce administration costs by eliminating the need to manually update information in multiple systems. (For more information on DirXML, see Your First Steps to Data Sharing and Syncing, and also The DirXML Basics.)
"The end goal is to use DirXML to integrate all of our directories and applications," said Lionberger. "Eventually, eDirectory will be the central hub that controls and manages data from all our different sources, allowing us to offer new services to our business partners and customers."
A firm foundation for a secure enterprise
TransUnion has relied on Novell NetWare as the foundation of its enterprise for nearly 12 years. Other Novell solutions round out its Novell environment including Novell Cluster Services, Novell GroupWise 6, and Novell ZENworks for Desktops.
With Netware 6 and Novell Cluster Services, the company provides its users with 100 percent uptime. If one server in the cluster should fail, other servers in the cluster automatically take over the failed server's responsibilities, guaranteeing uninterrupted access to the data and zero downtime.
"We've relied on Novell for years, for all the reasons other customers know so well—the stability, reliability, security and efficiency of Novell products," said Lionberger. "Though we have an eclectic environment, including Microsoft products, Novell offers us more stability than anything else on the market."
GroupWise 6 manages more than 100,000 e-mail messages a day for TransUnion. Remote users particularly appreciate the Web access functionality of GroupWise, which enables them to access e-mail from anywhere, at any time, with a standard Web browser. With the lauded security capabilities of GroupWise, TransUnion has never experienced downtime from a virus attack, and is looking forward to new anti-spam capabilities in GroupWise 6.5.
With ZENworks for Desktops, TransUnion has dramatically improved application distribution to its Microsoft Windows desktops across multiple offices. Rather than manually installing software on several hundred machines at a time, administrators can automatically deploy software and upgrades from a central location, improving application delivery time from weeks to days. The remote control functionality in ZENworks allows administrators to support users without leaving their desks, enabling helpdesk staff to identify user problems remotely and provide quick responses to user requests. ZENworks for Desktops has also improved inventory management by automating time-consuming manual processes.
With Novell Security and Identity Solution TransUnion can deliver the right resources to the right people—securely, efficiently and affordably. The company has substantially expanded its business and opened up new revenue streams, serving 150,000 online customers and processing more than 200,000 transactions each week. With a single user ID, customers have secure access to customized information to efficiently process financial and credit information requests.
"In less than a year, we've grown our B2B eCommerce business from 38,000 to 150,000 customers and quadrupled the number of transactions we process every week—all without investing in new hardware or increasing our IT staff," said Lionberger. "Novell helps us do more with less."
Novell iChain helps the company leverage its technology investments by reducing the overhead on its Web servers by 10-15 percent, eliminating the need to invest in additional servers.
TransUnion employees now have secure, Web-based access to intranet resources from any of its 60 field offices, as well as from home. Identity management protects the company's enormous amounts of highly sensitive data by ensuring that both employees and customers access appropriate information.
"Novell technology has laid the foundation for us to offer all kinds of new services to our employees, business partners and consumers," Lionberger said. "We can expand the services we offer over the Internet, while maintaining the tight, integrated security our industry demands."
- Replace homegrown security infrastructure with scalable, directory-based solution
- Simplify user administration to increase productivity and heighten security
- Improve information access for 150,000 online customers
- Novell Security and Identity Solution
- Novell Workgroup Solution
- Scaled business from 38,000 to 150,000 customers without new hardware or additional IT staff
- Simplified user administration with directory-based infrastructure to give identity-based Web access to customers and employees
- Provides customers with customized content for faster and more efficient access to financial and credit-based information
- Manages entire Novell environment with only five people
|Tech Talk #1 - Managing Pure Windows Desktop Environments with Novell ZENworks for Desktops|